From 5f423b651070ab89e4e8ee9acd6e662693465f10 Mon Sep 17 00:00:00 2001 From: kisfenyo Date: Thu, 26 Feb 2026 09:34:00 +0100 Subject: [PATCH] removed ".env" references from comments, documentation --- CLAUDE.md | 2 +- CONTEXT.md | 2 +- controller/README.md | 4 ++-- controller/internal/sync/sync.go | 4 ++-- 4 files changed, 6 insertions(+), 6 deletions(-) diff --git a/CLAUDE.md b/CLAUDE.md index 83bc249..22864a9 100644 --- a/CLAUDE.md +++ b/CLAUDE.md @@ -239,7 +239,7 @@ manually via the dashboard "Sablonok frissítése" button. - On startup: clones repo to `{data_dir}/catalog-cache/` (shallow clone, `--depth 1`) - Periodically: `git fetch --depth 1` + `git reset --hard origin/{branch}` - Copies only `docker-compose.yml` and `.felhom.yml` to stacks dir -- **Never overwrites** `app.yaml` or `.env` — these contain deployed secrets +- **Never overwrites** `app.yaml` — this contains deployed secrets - Content-hash comparison (SHA-256) — only writes if file actually changed - After sync, triggers `ScanStacks()` rescan for dashboard update - `POST /api/sync` triggers immediate sync (30s debounce) diff --git a/CONTEXT.md b/CONTEXT.md index 157a575..28241ed 100644 --- a/CONTEXT.md +++ b/CONTEXT.md @@ -102,7 +102,7 @@ Last updated: 2026-02-19 (session 59) /opt/docker/felhom-controller/ # Controller compose + config ├── controller.yaml # Customer config (domain, auth, paths) ├── docker-compose.yml # Controller's own compose - └── .env # DOMAIN=demo-felhom.eu + └── data/ # Controller persistent data (named volume) /opt/docker/stacks/ # All app stacks ├── traefik/ # Reverse proxy (protected) diff --git a/controller/README.md b/controller/README.md index 59116f6..5783743 100644 --- a/controller/README.md +++ b/controller/README.md @@ -123,7 +123,7 @@ The app catalog lives in a separate Git repository. The controller: - Shallow-clones the catalog on startup - Periodically fetches updates (configurable, default 15 min) - Copies only `docker-compose.yml` and `.felhom.yml` to the stacks directory -- **Never overwrites** `app.yaml` or `.env` (user secrets are safe) +- **Never overwrites** `app.yaml` (user secrets are safe) - Uses SHA-256 content hashing — only writes files that actually changed - Triggers stack rescan after sync so the dashboard updates immediately - **Post-sync hook**: auto-injects missing deploy fields (new secrets, domains) into existing `app.yaml` for stacks whose templates were updated (see Missing Field Injection below) @@ -742,7 +742,7 @@ The controller needs write access to its own `docker-compose.yml`. This is achie ```yaml volumes: - # 1. Directory mount — gives access to compose file + .env + # 1. Directory mount — gives access to compose file + config - /opt/docker/felhom-controller:/opt/docker/felhom-controller # 2. Read-only override — prevents accidental config writes - /opt/docker/felhom-controller/controller.yaml:/opt/docker/felhom-controller/controller.yaml:ro diff --git a/controller/internal/sync/sync.go b/controller/internal/sync/sync.go index 661b0ac..8c106ee 100644 --- a/controller/internal/sync/sync.go +++ b/controller/internal/sync/sync.go @@ -301,7 +301,7 @@ func (s *Syncer) buildRepoURL() string { } // copyTemplates copies docker-compose.yml and .felhom.yml from the catalog cache -// to the stacks directory. Never overwrites app.yaml or .env files. +// to the stacks directory. Never overwrites app.yaml. func (s *Syncer) copyTemplates() (newApps []string, updated []string, err error) { templatesDir := filepath.Join(s.cacheDir, "templates") entries, err := os.ReadDir(templatesDir) @@ -327,7 +327,7 @@ func (s *Syncer) copyTemplates() (newApps []string, updated []string, err error) } } - // Files to sync (only template files, never app.yaml or .env) + // Files to sync (only template files, never app.yaml) syncFiles := []string{"docker-compose.yml", ".felhom.yml"} anyChanged := false